Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course,
available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest
high-quality content, which is written by professional journalists,
with the help of editors, graphic designers, and our site production
and I.T. staff, as well as many other talented people who work around the clock
for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or
to simply disable your Ad Blocker while visiting this site.

Small businesses across America are increasingly falling prey to cyberattacks and allowing criminals access into the nation's critical information technology infrastructure, officials from the FBI and Department of Homeland Security warned lawmakers Tuesday.

"We're losing the war," FBI Cyber Division Deputy Assistant Director Howard Marshall told the House Committee on Small Businesses when asked small-business cyberattacks. "These are not things we have been trained to think about."

Against a backdrop of Kremlin-linked social media and cyber-meddling in U.S. elections and a steady drumbeat of state-sponsored hackers probing national security targets, lawmakers took time out Tuesday to acknowledge the unique challenges smaller firms given the limited resources they have.

"Forty percent of all cyberattacks are focused on companies with less than 500 employees," said Rep. Nydia Velazquez, New York Democrat. "This may be because 14 percent of small businesses reported having a plan in place for keeping their companies cybersecure."

The FBI tracks the "the accelerating sophistication" of threats and attack methods, Mr. Marshall explained. These include email scams targeting businesses with bogus foreign suppliers or wire transfers, criminal data thefts, and email phishing scams that lure victims to click on malware -- which often leads to digital ransom schemes that kidnap firm data.

The committee is working on the Small Business Advanced Cybersecurity Enhancements Act of 2017, specifically aimed at easing information sharing between federal agencies and America's smallest companies and businesses.

Rep. Ralph Norman noted how hard it could be for rural businesses -- where reputation is everything -- to address the issue of cyberattacks themselves. The way a firm might disclose a breach, the South Carolina Republican said, could lead to questions of credibility and possible perceptions that a business might have lost critical customer data or trade secrets.

Richard Driggers, the deputy assistant secretary for communications at DHS's Office of Cybersecurity, empathized with the plight of small, rural firms caught in a cyberattack. "This isn't a gotcha game," he said. "We are not going to go report someone to a federal regulator. We want to help."

Mr. Driggers stressed that small businesses needed to stick to the security basics, including backing up critical data, protecting mobile devices, and tracking, locking or wiping any device that is lost or stolen.

He also noted that always keeping software security up to date, frequently changing system passwords and providing employees rudimentary cybersecurity training went a long way to helping small firms keep themselves safe.